DHS Offering Free Vulnerability Scans, Penetration Tests

tsu doh nimh writes: The U.S. Department of Homeland Security (DHS) has been quietly launching stealthy cyber attacks against a range of private U.S. companies -- mostly banks and energy firms. These digital intrusion attempts, commissioned in advance by the private sector targets themselves, are part of a little-known program at DHS designed to help 'critical infrastructure' companies shore up their computer and network defenses against real-world adversaries. And it's all free of charge (well, on the U.S. taxpayer's dime). Brian Krebs examines some of the pros and cons, and the story has some interesting feedback from some banks and others who have apparently taken DHS up on its offer.

Why is this free of charge?

[rsborg]

Another example of corporate welfare... pen-testing costs time and money, why should I as a taxpayer be out this money?

Weird use of Government resources

[avandesande]

How about publishing a set of standards and tests that critical infrastructure companies must utilize?